New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validation of labels of domain names according to RFC 1035 #1515
Conversation
e26b12b
to
97daded
Compare
app/validators/uri_validator.rb
Outdated
@@ -26,6 +26,10 @@ def valid_scheme?(scheme) | |||
end | |||
end | |||
|
|||
def valid_host?(host) | |||
host.present? && (host.size <= 255) && !host.split('.').any? { |label| label.size > 63 } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would separate it in another method
host.present? && (host.size <= 255) && !host.split('.').any? { |label| label.size > 63 } | |
host.present? && valid_domain_parts? |
def valid_domain_parts
host.split('.').map(&:size).all?(&63.method(:'>'))
end
…racters for the overall name and its labels - overall host name must be 255 characters long or less - labels must be 63 characters long or less Closes https://issues.redhat.com/browse/THREESCALE-2932
97daded
to
6ffe6ce
Compare
Codecov Report
@@ Coverage Diff @@
## master #1515 +/- ##
=========================================
- Coverage 93% 93% -0.01%
=========================================
Files 2514 2514
Lines 83469 83503 +34
=========================================
+ Hits 77630 77658 +28
- Misses 5839 5845 +6
Continue to review full report at Codecov.
|
According to RFC 1035, domain host names must be 255 characters-long or less, and its labels must be 63 characters-long or less. Currently we do not validate domain names against this constraint which is causing OpenShift to reject non-compliant routes created by Zync.
One not-so-obvious case where this issue can cause us trouble is when creating a new product. The
system_name
of the product, chosen by the user, will end up being used to generate the proxy endpoints (depending on the sandbox proxy config). A sufficiently longsystem_name
may produce a domain name containing a lable that is longer than 63 characters. The route will then fail to be created or updated by Zync, requiring a manual intervention by the user to fix it. The creation of the product succeeds in this case though; yet, the endpoints cannot be used.This PR fixes this behavior by enforcing every domain name validated with https://github.com/3scale/porta/blob/bdc91b894eac16fbd81afd4f05198eb5cb8beee9/app/validators/uri_validator.rb to comply with the limits of characters specified by the RFC. Moreover, it makes proxy endpoints to be validated using this validator instead of using the old simple regex
porta/app/models/proxy.rb
Line 26 in bdc91b8
The PR also makes sure that validation errors on the proxy endpoints due to this new requirement are propagated to the service, specifically marking the
system_name
attribute. This is done with the support of https://github.com/3scale/porta/blob/bdc91b894eac16fbd81afd4f05198eb5cb8beee9/app/services/service_creator.rb.Closes THREESCALE-2932.